CVE-2009-4324
| CVE Published | 2009-12-15 |
|---|---|
| Related CWE(s) | CWE-416: Use After Free |
| Related Vendor(s) | adobe, opensuse, suse |
| Related Product(s) | linux_enterprise, acrobat, acrobat_reader, opensuse, linux_enterprise_debuginfo |
| Exploitation Reported (CISA KEV) | 2022-06-08 |
| CVSS 3 Base Score | 7.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | LOCAL |
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph